Solved

Use GPO to lock down USB CDROM drives

Posted on 2010-09-16
3
1,357 Views
Last Modified: 2012-06-27
I am trying to lock down USB and CDROM Drives with GPO. I went to http://support.microsoft.com/kb/555324 copied and pasted the contents into a text document. Then, renamed the file with a .adm extension. Opened group policy management and created a new object called USB lock down.

Next, went to edit mode on the new object, and under computer config, right clicked admin templates and added the usblockdown.adm. After this process the template shows up in the add remove template window.

So my question.....is this the correct process? Also, after the template is added where can I modify the settings for it? I am unsure where to navigate to.

Thank you in advance
0
Comment
Question by:dwesolowicz
  • 2
3 Comments
 
LVL 7

Accepted Solution

by:
grantsewell earned 500 total points
ID: 33696408
Yes, this is correct so far.

To continue, in the policy, navigate to Computer Configuration, Policies, and right-click on Administrative Templates. Select "Filter Options..." and uncheck the box marked "Only show policies that can be fully managed". In 7/2008+, this may be displayed as a drop-down box. Change it to "Any".

The new USB policies will be displayed within Administrative Templates.

Good luck!
0
 

Author Comment

by:dwesolowicz
ID: 33696532
Thanks for the reply! I tried what you said, unchecked the box and the policy is now showing under Custom Policy Settings.

Thanks Again!
0
 
LVL 7

Expert Comment

by:grantsewell
ID: 33696922
Great! I'm a group policy nerd :) If the works out for you please go ahead and close out the question.

Cheers,

Grant
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question